More testing

Signed-off-by: Riyaz Faizullabhoy <[email protected]>
notaryproject · Aug 2, 2016 · 4bf82bd · 4bf82bd
1 parent cc9d381
commit 4bf82bd
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 6 deletions.
diff --git a/client/helpers_test.go b/client/helpers_test.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"crypto/sha256"
 	"encoding/json"
+	"net/http"
 	"testing"
 	"time"
 
@@ -1019,3 +1020,15 @@ func TestAllNotNearExpiry(t *testing.T) {
 	require.NotContains(t, a.String(), "snapshot is nearing expiry, you should re-sign the role metadata", "Snapshot should not show near expiry")
 	require.NotContains(t, a.String(), "timestamp", "there should be no logrus warnings pertaining to timestamp")
 }
+
+func TestRotateRemoteKeyOffline(t *testing.T) {
+	// without a valid roundtripper, rotation should fail since we cannot initialize a HTTPStore
+	key, err := rotateRemoteKey("invalidURL", "gun", data.CanonicalSnapshotRole, nil)
+	require.Error(t, err)
+	require.Nil(t, key)
+
+	// if the underlying remote store is faulty and cannot rotate keys, we should get back the error
+	key, err = rotateRemoteKey("https://notary-server", "gun", data.CanonicalSnapshotRole, http.DefaultTransport)
+	require.Error(t, err)
+	require.Nil(t, key)
+}
diff --git a/server/handlers/default_test.go b/server/handlers/default_test.go
@@ -193,8 +193,8 @@ func TestRotateKeyHandlerInvalidRole(t *testing.T) {
 	}
 }
 
-// Rotating the key fails if we don't pass a valid key algorithm, or if it isn't Ed25519
-func TestRotateKeyHandlerNonED25519(t *testing.T) {
+// Rotating the key fails if we don't pass a valid key algorithm
+func TestRotateKeyHandlerInvalidKeyAlgo(t *testing.T) {
 	roles := []string{data.CanonicalTimestampRole, data.CanonicalSnapshotRole}
 	req := &http.Request{Body: ioutil.NopCloser(bytes.NewBuffer(nil))}
 
@@ -205,9 +205,6 @@ func TestRotateKeyHandlerNonED25519(t *testing.T) {
 		invalidKeyAlgoState.keyAlgo = "notactuallyakeyalgorithm"
 		err := rotateKeyHandler(getContext(invalidKeyAlgoState), recorder, req, vars)
 		require.Error(t, err)
-		invalidKeyAlgoState.keyAlgo = data.ECDSAKey
-		err = rotateKeyHandler(getContext(invalidKeyAlgoState), recorder, req, vars)
-		require.Error(t, err)
 	}
 }
 

diff --git a/signer/keydbstore/keydbstore_test.go b/signer/keydbstore/keydbstore_test.go
@@ -144,14 +144,20 @@ func testMarkKeyActive(t *testing.T, dbStore keyActivator) (data.PrivateKey, dat
 func testGetPendingKey(t *testing.T, dbStore keyActivator) (data.PrivateKey, data.PrivateKey) {
 	// Create a test key and add it to the db such that it will be pending (never marked active)
 	keyInfo := trustmanager.KeyInfo{Role: data.CanonicalSnapshotRole, Gun: "gun"}
+
+	// There should be no keys to start
+	retrievedKey, err := dbStore.GetPendingKey(keyInfo)
+	require.Error(t, err)
+	require.Nil(t, retrievedKey)
+
 	pendingTestKey, err := utils.GenerateECDSAKey(rand.Reader)
 	require.NoError(t, err)
 	requireGetKeyFailure(t, dbStore, pendingTestKey.ID())
 	err = dbStore.AddKey(keyInfo, pendingTestKey)
 	require.NoError(t, err)
 	requireGetKeySuccess(t, dbStore, data.CanonicalSnapshotRole, pendingTestKey)
 
-	retrievedKey, err := dbStore.GetPendingKey(keyInfo)
+	retrievedKey, err = dbStore.GetPendingKey(keyInfo)
 	require.NoError(t, err)
 	require.Equal(t, pendingTestKey.Public(), retrievedKey.Public())